About Malware and Viruses

Share or Print This Article

Details

Cox Communications is dedicated to protecting the internet experience of our customers. When Cox detects that one or more of your devices or computers is infected with malicious software, also known as malware or viruses, we send you an email to your preferred email address as well as any Cox Email addresses on your account.

Handling Viruses and Malware

Cox recommends several actions to help you resolve virus or malware infections.

Check to make sure you have installed Cox Security Suite Plus powered by McAfee® to help keep your devices protected from online threats. Cox Security Suite Plus is offered at no additional charge to Cox Internet customers. To download the software for free, visit www.cox.com/securitysuite to sign in to My Account with your primary User ID and Password.

Be sure to scan for viruses on all devices connected to your Cox Internet service. The computer or device that received the email notification may not be the infected device or computer.

Because no single security software is 100 percent effective, Cox recommends that you run additional software in addition to Cox Security Suite Plus. There are many anti-virus programs available, both free and for purchase. The following are a few examples of additional software that can remove infections.

Microsoft Safety Scanner - Microsoft Safety Scanner is a scan tool designed to find and remove malware from Windows computers.

Norton Power Eraser - This tool is useful if your computer has become a victim of crimeware that regular virus scans cannot detect.

While this software may be helpful to you, Cox provides support only for Cox Security Suite Plus. Contact the software manufacturer for assistance.

Malware and Virus Types

You may receive an email notification regarding the following malware, viruses, or system vulnerabilities. Use the table below to learn more.

Virus, Malware, or Vulnerability

Details

Zbot

Zbot is a Backdoor that targets the Windows operating system. This malware is a variant of the Zeus banker Trojan and is also known as the Panda Banker. It identifies itself to the control server and obtains instructions for further operations, such as the following.

Can monitor online activities

Injects code into target websites to steal banking credentials

Downloads additional plugins

Provides remote access through the VNC component

Injects malicious code into legitimate processes to hide activities

Esendi.A

Esendi.A is a severe malware with multiple purposes, such as the following.

Coin-mining

Redirects DNS to give ad clicks to bad actors

Can disable anti-virus and software firewall programs

Sality

Sality is malicious software that may communicate over a peer-to-peer (P2P) network to form a botnet for the following purposes.

Relaying spam

Stealing sensitive data

Compromising web servers

Rootkit functions

Open DNS Resolver

Open DNS Resolver is a setting in which a router, computer, or other internet-ready device provides recursive name resolution for clients outside of its administrative domain. This setting is typically triggered as a result of a virus or malware infection and results in the following issues.

Allows bad actors to use network bandwidth

Facilitates DDoS attacks on Cox servers resulting in service outages

Mirai

Mirai is malware that turns networked devices running Linux into botnets to do the following actions.

Participates in large-scale network attacks

Targets consumer internet-ready devices, including internet of things (IoT) devices such as IP cameras or others, and WiFi routers

Qsnatch

Qsnatch is malware designed to perform the following.

Affect Network Attached Storage (NAS) devices.

Collect confidential information from infected devices, such as login credentials and system configuration.